[CentOS] Fail2ban & logrotate [was: Update on spam, postfix, fail2ban, centos 6]

Leonard den Ottolander leonard at den.ottolander.nl
Sun Jun 17 14:16:42 UTC 2012


Hello Bob,

On Sat, 2012-06-16 at 22:47 -0400, Bob Hoffman wrote:
> 1- you must use gamin as the setting or the log rotations will make 
> fail2ban fail

I noticed the failing of fail2ban after rotating the logs too.
Supposedly it works fine on CentOS 5 (from an IRC chat on
#fedora-epel(?)), but on CentOS 6 fail2ban will stop banning after log
rotation even though it should handle log rotation transparently.

However, you can fix your logrotate configuration to restart fail2ban
after rotating the logs. Sadly that will remove current bans, but at
least new bans will be added:

(mind the line wraps)

$ cat /etc/logrotate.d/syslog 
/var/log/cron
/var/log/maillog
/var/log/messages
/var/log/secure
/var/log/spooler
{
    sharedscripts
    postrotate
        /bin/kill -HUP `cat /var/run/syslogd.pid 2> /dev/null` 2> /dev/null || true
        # reload fail2ban after log rotation
        /usr/bin/fail2ban-client -x reload > /dev/null
    endscript
}

Regards,
Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research
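
Added example, not part of the original post and not fail2ban's own code: a minimal log follower showing what handling rotation transparently requires, and how a reader that keeps its original file handle goes silent after a rename-style rotation. The names RotationAwareTail and demo are hypothetical, and the log lines are constructed sample data.

```python
import os
import tempfile


class RotationAwareTail:
    """Follow a log by path and reopen it when logrotate replaces it."""
    def __init__(self, path):
        self.path = path
        self.fh = open(path, "rb")
        self.fh.seek(0, os.SEEK_END)  # start at the end: only new lines matter
        self.reopens = 0

    def _rotated(self):
        try:
            on_disk = os.stat(self.path)
        except FileNotFoundError:
            return False  # between rename and create; check again next poll
        held = os.fstat(self.fh.fileno())
        if (on_disk.st_dev, on_disk.st_ino) != (held.st_dev, held.st_ino):
            return True  # rename + create: the path now names a different file
        return on_disk.st_size < self.fh.tell()  # copytruncate: same inode, shrunk

    def poll(self):
        lines = self.fh.readlines()  # drain what is left in the file we hold
        if self._rotated():
            self.fh.close()
            self.fh = open(self.path, "rb")  # new file, read from its start
            self.reopens += 1
            lines += self.fh.readlines()
        return [l.decode("utf-8", "replace").rstrip("\n") for l in lines]


def demo():
    """Constructed sample lines; rotates a temp file by rename + create."""
    log = os.path.join(tempfile.mkdtemp(), "secure")
    open(log, "w").close()
    aware, naive = RotationAwareTail(log), open(log, "rb")
    with open(log, "a") as f:
        f.write("Failed password for root from 192.0.2.10\n")
    before = aware.poll()
    naive.readlines()
    os.rename(log, log + ".1")  # what logrotate does without copytruncate
    with open(log, "w") as f:
        f.write("Failed password for root from 192.0.2.11\n")
    after, missed = aware.poll(), naive.readlines()
    return before, after, missed, aware.reopens

if __name__ == "__main__":
    print(demo())
```

The naive handle still points at the renamed file, so it returns nothing for the new entry; a follower in that state would add no new bans until it is reloaded.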




